Welcome to GeekPolice!

We truly love technology and security and we want to share it with the world. Recognize the excitement of technology here daily:☞Security Discussion on malware, ransomware, and much more!
☞24/7 hard- and software tech support (+mobile!)
☞Virus and malware removal support
☞Business & Enterprise Users/Endpoints Now Supported!!
☞Tons of tutorials, guides and solutions
☞The very finest of our voluntary Support Staff
☞Much, much more FREE!

A few weeks ago i came home and attempted to access the internet via firefox, received a message that my proxy settings may have been changed, tired to adjust but to no avail. I then tried internet explorer and found the some problem. reset connections, rebooted, tried safe mode. nothing worked. I ran a MBAM scan and found several trojans, I removed them ,tried to reconnect and still nothing. Ran a full Scan with MBAM, and found a couple of more nasty critters. removed them and still no internet connection. I then attempted a system restore, restored to point of a week prior. This seemed to fix the issue of connecting to internet, but ever since the access speed has been slow, taking up to a minute or so to load a web page EX: My email zoominternet, very slow. I also noticed that my download speed was decreased from 1.2 mbit per second to at most 200 kbits per second.

Early this morning, i can across the program combo fix, I ran a scan and it detected a root kit it then rebooted my system and then proceeded to do a full scan, it found several files and deleted them. Here is the name of the root kit and the files deleted by ComboFix.

(Let me know if you want a copy of that combofix log) Please note i ran the combofix scan before coming to this forum.)

[ System Events ]Error - 12/6/2010 10:44:33 AM | Computer Name = MARKSOPT-PRAJGD | Source = Service Control Manager | ID = 7031Description = The Zune Bus Enumerator service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 0 milliseconds: Restart the service.

Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.

If an update is found, it will download and install the latest version.

Once the program has loaded, select "Perform Quick Scan", then click Scan.

The scan may take some time to finish,so please be patient.

When the scan is complete, click OK, then Show Results to view the results.

Make sure that everything is checked, and click Remove Selected.

When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)

The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.

Note:If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.Click OK to either and let MBAM proceed with the disinfection process.If asked to restart the computer, please do so immediately.

1. If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab * Set to "Always ask me where to Save the files".

2. During the download, rename Combofix to Combo-Fix as follows:

3. It is important you rename Combofix during the download, but not after.4. Please do not rename Combofix to other names, but only to the one indicated.5. Close any open browsers.6. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

We need to disable your local AV (Anti-virus) before running Combofix.

See HERE for how to disable your AV.

Double click on ComboFix.exe.

Follow the prompts. NOTE:

ComboFix will check to see if the Microsoft Windows Recovery Console is installed.***It's strongly recommended to have the Recovery Console installed before doing any malware removal.***

**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will automatically proceed with its scan.

The Recovery Console provides a recovery/repair mode should a problem occur during a Combofix run.

Allow ComboFix to download the Recovery Console.

Accept the End-User License Agreement.

The Recovery Console will be installed.

You will then get this next prompt that asks if you want to continue the malware scan, select yes

Allow combofix to run

Post C:\combofix.txt back here.

Note:Do not mouseclick combofix's window whilst it's running. That may cause it to stall.

I ran combofix as requested, once the program started it stated that it set attempting a restore point, then it seems to sit idle for 3 - 4 minutes. Then a message opps up saying a rootkit has been detected it then takes 1 - 2 minutes and then a message box appears ns states that combofix must reboot the machine, it shuts down and restarts and then completes the scan, There is no mention of the rootkit on the combofix log.

i was not able to get the program to load using internet explorer it kept saying that it was a malious add on trying to acess the browser and would shut down the page. i downloaded it through fire fox and ran the scan